To browse the web more securely you should use the browser plugins uBlock and uMatrix.
uBlock (https://www.ublock.org/) is a powerful advertisement blocker that does not allow for paid whitelisting like adblock does, you as the user remain in control over which ads you want to block. It is open source and also blocks trackers. Furthermore it is less likely to be detected by anti-ad-block mechanisms which some sites deploy to coerce you into enabling ads.
uMatrix (https://github.com/gorhill/uMatrix) is another browser plugin that can help you with your browsing experience, although is more targeted at advanced users. It effectively acts as a firewall for your browser that by default blocks cookies, scripts, plugins, css, images, frames and XHR. The user is expected to whitelist for each website which functionality it is allowed to use, which makes very fine grained control possible. It may seem annoying to use at first since you need to whitelist sites that you trust, but in my experience it is worth it.
By using the following commands you can remove the passphrase from your key.
cp private.key private.key.org
openssl rsa -in private.key.org -out private.key
The newly created key doesn't contain a passphrase anymore.
The simplest way to generate a CSR in unix systems is through terminal.
First we create our private key, then create a certificate signing request.
openssl genrsa -out keyname.key 2048
openssl req -new -key keyname.key -out MyCsr.csr
After that, we take our CSR and submit it to a certificate authority
Step 1: Generate a RSA Private Key (How to generate a RSA Private Key)
Step 2: Generate a CSR (Certificate Signing Request)
Type this command into your consoel:
openssl req -new -key private.key -out certificate.csr
Next you have to enter the pass phrase from your previously generated private key:
Enter pass phrase for private.key:
During the generation process of the CSR you will have to provide some information for the X.509 attributes like a Country Name, but you don't have to provide all of the asked information. If you enter '.', the field will be left blank.
Snippet from the console output of the asked information:
...
Country Name (2 letter code) [AU]: .
State or Province Name (full name) [Some-State]: .
Locality Name (eg, city) []: .
...
After this steps your certificate has been successfully generated.
First researches showed, that there are several standards for the range of software development (e.g. IEEE 730, 829, 830,…) particularly with the emphasis of quality management. In addition there are guidelines for IT-security (ISO 27001) or the standard according BSI. In the center of these regulations there is the demand of preserving security, but rarely a hint of the operational way how to come to it.
Only A7700 - „requirements in terms of safety at Web applications contains “a practice-oriented approach and a complete cover of the safety requirement at Web application.
On basis of A7700 an assignment guideline was developed, considering the internal requirements (architecture, used data bases,…), which must be added with every procurement of a Web application.
Link: ÖNORM A 7700 (http://www.a7700.org/)